How America is snooping on YOU ... and may soon be snooping a whole lot more

Saturday 5 July 2008 19:53 BST

Under western eyes: US authorities are leaning on European governments for personal information about their citizens

Dutch Liberal MEP Sophie In’t Veld was becoming irritated. Whenever she tried to board a flight in America – something she does several times each year – she was delayed by special security checks, subjected to questioning, additional searches of her bags and screening for explosives.

‘No one has ever accused me of involvement with terrorism or organised crime,’ In’t Veld said. ‘So I tried to discover why I was being singled out.’

Security expert In’t Veld, 41, wrote to three US government departments – State, Justice and Homeland Security – asking what they had on her in their files.

She especially wanted to know whether she had unjustly been deemed ‘high-risk’ under a scheme known as ATS, the Automated Targeting System.

It is a secret computer database whose conclusions can, under American law, be shared with a wide range of US and foreign government agencies and in some cases, employers.

Despite invoking America’s Freedom of Information Act, In‘t Veld got nowhere. Last week, she filed a US lawsuit, the first of its kind, demanding access to her records.

‘They say there are means of redress if US agencies hold damaging but inaccurate information about you,’ she said. ‘They don’t seem to work.’

Her case comes at a critical juncture. Since the start of this year, operating almost entirely beneath the public radar, the US Government has been making a concerted, multi-faceted push for unrestricted access to vast volumes of personal data held by governments on this side of the Atlantic.

What the US is after goes far beyond the ability to make requests case by case. They seek the ability to go on electronic fishing expeditions among British and other European databases held by law enforcement, immigration, financial and other official bodies – without even having to inform the databases’ custodians, let alone their subjects.

Some of this information – misleading police intelligence reports based on malicious hearsay, for example – might well turn out to have much more serious consequences than whatever titbit is responsible for inconveniencing Ms In’t Veld at airports.

Theoretically, it could lead to the extradition of British subjects to face criminal trial in America on the basis of unverified information derived from UK files, even in cases where authorities in Britain do not consider prosecution justified.

The 2003 Extradition Act has already made American extradition requests effectively immune to legal challenge, by removing any need for a prima facie case.

Last week Statewatch, the civil liberties monitoring group, obtained a copy of the final report of a group of senior US and European Union officials – the ‘High Level Contact Group on information sharing and privacy and personal data protection’.

Supposedly, its job was to agree some international standards to ensure the rights of EU citizens will remain protected under agreements to make European data available to America. In practice, these safeguards look alarmingly weak.

The report says the Americans want instant information from EU members’ databases for ‘the prevention, detection, suppression, investigation or prosecution of any criminal offence’, as well as ‘non-criminal judicial or administrative proceedings’ – in other words, pretty much anything.

It is difficult to read the report’s final section without feeling chilled. There is, for example, no prohibition on supplying details of someone’s ethnic origins, political, religious or philosophical beliefs, or personal information about health or sexual life.

Confidential data transferred to America under the terms of the document could also include details of personal investments, bank and credit-card spending.

All information could be disseminated to US agencies, and in some circumstances, to third countries.

There must, the report promises, be ‘independent oversight’. Yet it accepts that, sometimes, decisions could be taken by machines.

For example, a computerised warning making it impossible to board an aircraft might be issued because a piece of American software determined a person posed a threat.

The report says such ‘automated decisions’ can be taken ‘without human involvement’, as long as there are ‘appropriate safeguards in place, including the possibility to obtain human intervention’.

‘In the real world, such protection is meaningless,’ said Tony Bunyan, Statewatch’s director. ‘If there’s no right to be informed what a database says about you, the first you’re going to know is when you’re wrongly arrested, when you don’t get that job, or when you can’t get on that plane.’

While the High Level Contact Group has been busily diluting future data protection, the Americans have spent the past several months making some sweeping, more immediate demands.

Their chosen vehicle is the Visa Waiver Programme – the system that allows British and most EU citizens to visit America without passport visas. Henceforth, under the 9/11 Commission Act, passed in the US last year, visa waiver countries will be obliged to agree to stringent new security standards – including access to data.

In the words of the Act, decisions on whether to allow nations visa-free travel will depend on whether America decides they are ‘actively co-operating with the US to prevent terrorist travel, including sharing counter-terrorism and law enforcement information’.

America’s demands – set out in May by Richard Barth, assistant secretary for Homeland Security – in recent secret negotiations with the EU and individual states have been extraordinarily broad.

What the US sought, Barth said, was ‘requirements to provide certain information on air passengers, serious crimes, known or suspected terrorists, asylum and migration matters, and timely reporting of lost and stolen passport data, as well as co-operation on airport and aviation security.’

Of course, sharing information internationally can play a key role in combating terrorism and serious crime. But it is vital there must be rigorous methods of quality control and means to correct inaccurate records.

Neither Barth nor his officials have made any mention of this.

Yet another secret EU document leaked to Statewatch suggests Europe has already conceded America’s requests without putting up resistance on these key issues.

Dated April 11, it is the EU ‘mandate’ setting out the terms of Europe’s negotiating position – and accepts as its starting point that the EU should ‘explore the scope for agreement’ to the provisions of the 9/11 Act.

The document does say that any US-EU deal must ‘comply with fundamental rights and freedoms of individuals including the rights to privacy and data protection’. But as to how this lofty objective might be achieved, it is silent.

‘The safeguards are so minimal they might as well not exist,’ Bunyan said. ‘I’ve yet to see an occasion where Europe has refused American demands. They are in effect the 28th member of the EU.’

Civil libertarians like former Shadow Home Secretary David Davis have, rightly, become concerned at British Government measures such as 42-day detention for terrorist suspects.

But for most ordinary citizens, the pressure to share data from across the Atlantic is a far greater threat.